Thursday, September 24, 2015

Malicious XCode (XCode ghost) attacks Appstore

XcodeGhost is a new iOS malware that arose from malicious versions of Xcode, Apple's tool for developing iOS and OS X apps. Chinese developers unknowingly compiled iOS apps using the modified Xcode IDE and distributed those infected apps through the App Store.

Apple advises that users should update the affected apps to fix the issue, noting that if a listed app is available on the App Store right now, it has already been updated. Apps not available are marked explicitly.

Encounter - Local Chatting Tool

China Unicom Customer Service (Not available)

CarrotFantasy 2: Daily Battle (Not Available)

Miraculous Warmth

Call Me MT 2 - Multi-server version

Heroes of Order & Chaos (Not Available)

Dark Dawn - Under the Icing City (Not Available)

I Like Being With You (Not Available)

Himalaya FM

CarrotFantasy (Not Available)

Flush HD

Angry Birds 2 (Not Available)

Baidu Music

DuoDuo Ringtone

NetEase Music

WeChat

DiDi Taxi

58 Classified - Job, Used Cars, Rent

Gaode Map - Driving and Public Transportation

Railroad 12306

Flush

Foreign Harbor (Not Available)

Battle of Freedom

One Piece - Embark (Not Available)

Let’s Cook - Receipes

This is not an exhaustive list and Apple is working hard to detect other compromised apps.